Automatic loophole classification method based on word frequency statistics and simple Bayesian fusion model

A fusion model and Bayesian technology, applied in the field of information security, can solve problems such as classification accuracy needs to be improved

Active Publication Date: 2017-10-20
BEIJING INSTITUTE OF TECHNOLOGYGY
View PDF6 Cites 6 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

But its disadvantage is that it only uses the single attribute of the "vulnerability description" field in the database, and ignores the impact of other attributes of the vulnerability o...

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • Automatic loophole classification method based on word frequency statistics and simple Bayesian fusion model
  • Automatic loophole classification method based on word frequency statistics and simple Bayesian fusion model
  • Automatic loophole classification method based on word frequency statistics and simple Bayesian fusion model

Examples

Experimental program
Comparison scheme
Effect test

Embodiment Construction

[0125] The technical solutions of the present invention will be described in detail below in conjunction with the accompanying drawings and embodiments.

[0126] Using the vulnerability automatic classification method proposed by the present invention based on word frequency-reverse file frequency and naive Bayesian fusion model to classify vulnerabilities and obtain the operation process of the relationship between the vulnerabilities is as follows figure 1 As shown, the specific operation steps are:

[0127] Step 1. Build a vulnerability database, download the vulnerability data from 2010 to 2016 from the National Vulnerability Database (NVD), select the vulnerability data under linux and filter the fields and import it into the local database.

[0128] The fields of the local vulnerability database are shown in Table 1.

[0129] Table 1 Vulnerability database field table

[0130] Field Name

Chinese name

field source

CVE_ID

Common Vulnerability ...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

PUM

No PUM Login to view more

Abstract

The invention relates to an automatic loophole classification method based on word frequency statistics and a simple Bayesian fusion model, and belongs to the technical field of information security. The method specifically comprises the steps of S1, building a loophole database, and collecting loophole records; S2, determining the class of a privilege set; S3, training a word frequency-reverse file frequency classifier; S4, testing a classification result and an accuracy rate of the word frequency-reverse file frequency classifier; S5, building a simple Bayesian classifier; S6, testing the classification result and the accuracy rate of the simple Bayesian classifier; And S6, fusing the classifiers. Compared with the existing methods, the automatic loophole classification method supporting loophole association mining provided by the invention has the advantage that a loophole description field in the loophole database is used, meanwhile, influence of loophole attributes such as availability scoring and influence scoring on loophole association are simultaneously considered, and classification accuracy is greatly improved.

Description

technical field [0001] The invention relates to a vulnerability automatic classification method based on word frequency statistics and a naive Bayesian fusion model, belonging to the technical field of information security. Background technique [0002] Network security vulnerability refers to the existence of some security holes in the computer system that may be exploited by malicious subjects (attackers or attack programs), which may lead to unauthorized access to system resources or other damage to the system. In recent years, the vulnerability scanning technology and the CVE (Common Vulnerabilities & Exposures, Common Vulnerabilities & Exposures, Common Vulnerabilities & Exposures) standard and the Common Vulnerability Scoring System (Common Vulnerability Scoring System, CVSS) vulnerability rating method that have gradually developed in recent years can detect and discover the vulnerabilities existing in the network, However, it is impossible to analyze the correlation ...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

Application Information

Patent Timeline
no application Login to view more
IPC IPC(8): G06F21/57G06K9/62G06F17/27H04L29/06
CPCH04L63/1433G06F21/577G06F2221/034G06F40/216G06F40/284G06F18/24155G06F18/214
Inventor 胡昌振吕坤张皓
Owner BEIJING INSTITUTE OF TECHNOLOGYGY
Who we serve
  • R&D Engineer
  • R&D Manager
  • IP Professional
Why Eureka
  • Industry Leading Data Capabilities
  • Powerful AI technology
  • Patent DNA Extraction
Social media
Try Eureka
PatSnap group products

Browse by: Latest US Patents, China's latest patents, Technical Efficacy Thesaurus, Application Domain, Technology Topic.

© 2024 PatSnap. All rights reserved.Legal|Privacy policy|Modern Slavery Act Transparency Statement|Sitemap